United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 
Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 223 1 3-1450 
www.uspto.gov 



APPLICATION NO. 



FILING DATE 



FIRST NAMED INVENTOR 



ATTORNEY DOCKET NO. CONFIRMATION NO. 



09/663,665 



09/15/2000 



Gregory L. Slaughter 



7590 

Robert C Kowert 
Conley Rose & Tayon P C 
P O Box 398 

Austin, TX 78767-0398 



10/12/2004 



5181-47300 



2188 



EXAMINER 



ZHEN, LI B 



ART UNIT 



PAPER NUMBER 



2126 

DATE MAILED: 10/12/2004 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 



Office Action Summary 


Application No. 

09/663,665 


Applicant(s) 

SLAUGHTER ETAL 


CAarninor 

Li B. Zhen 


Art Unit 

2126 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

I) 13 Responsive to communication(s) filed on 10 June 2004 . 

2a)D This action is FINAL. 2b)S This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-53 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) [3 Claim(s) 1^53 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR1. -121(d). 

II) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 1 1 9 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 1 9(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1) M Notice of References Cited (PTO-892) 

2) CD Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) □ Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 

Paper No(s)/Mail Date . 



4) □ Interview Summary (PTO-413) 

Paper No(s)/Mail Date. . 

5) □ Notice of Informal Patent Application (PTO-1 52) 

6) □ Other: . 



U.S. Patent and Trademark Office 

PTOL-326 (Rev. 1-04) 



Office Action Summary 



Part of Paper No./Mail Date 20040929 



Application/Control Number: 09/663,665 
Art Unit: 2126 



Page 2 



DETAILED ACTION 

1 . Claims 1 - 53 are pending in the current application. 

Response to Arguments 

2. Applicant's arguments with respect to the claims have been considered but are 
moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1, 2, 6 - 9, 22, 23, 27, 30, 31 and 43 - 46 are rejected under 35 U.S.C. 
103(a) as being unpatentable over U.S. Patent No. 6,569,207 to Sundaresan [cited 
in previous office action] in view of U.S. Patent No. 5,991,823 to Cavanaugh et al. 
[hereinafter Cavanaugh]. 

5. As to claim 1 , Sundaresan teaches the invention substantially as claim including 
a method for the exchange of objects in a distributed computing environment 
[distributed computer system using the Internet 100 to connect client systems 102 
executing Web browsers 104 to server systems 106 executing Web daemons 108; col. 
4, lines 16-29], comprising: 
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user accessing a client device [BeanMaker 1 12 also accepts input from the user 
in the form of optional customization specifications that define what class names to 
generate; col. 6, lines 20 - 25]; and 

generating a computer programming language object [Java objects 116, Fig. 3; 
col. 9, lines 5-16] from a data representation language representation [XML document 
114; col. 9, lines 23-38] of the object [col. 9, lines 7- 16], wherein the object is an 
instance of a class in the computer programming language [create the Java Beans 
objects 116, which are instances 302 of the default Java Beans implementation class 
specifications... 202, or instances 304 of classes which are hand-implemented by the 
application programmer to the interface in the reusable Java Beans interface class 
specification... 200, by reading an XML specification 114; col. 9, lines 23 — 39], and 
wherein the object is accessible for use during the accessing the client device 
[application programmer would use the instances 300 of the Java Beans handler class 
specifications; col. 9, lines 23 - 38]. 

6. Although Sundaresan teaches removing the computer programming language 
object [remove method; col. 8, lines 55 - 65], Sundaresan does not teach deleting the 
computer programming language object in response to the terminating access. 

However, Cavanaugh a distributed object system with an authentication protocol 
[col. 10, line 60 - col. 11, line 10] and deleting a computer programming language 
object [if the developer no longer has any use for this object it will be removed; col. 15, 
lines 9-23] in response to the terminating access [Shutdown function is used to 
shutdown a particular implementation definition by removing all servant objects; col. 13, 
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lines 28 - 51] so that the deleted object is not accessible by subsequent users of the 
client device [col. 15, lines 9 - 25]. 

7. It would have been obvious to a person of ordinarily skilled in the art at the time 
of the invention to apply the teaching of deleting the computer programming language 
object in response to the terminating access as taught by Cavanaugh to the invention of 
Sundaresan because this would prevent unauthorized access to the object and 
deallocates the storage for the object after the user has finished accessing the object. 

8. As to claim 2, Sundaresan as modified teaches receiving a message in the data 
representation language from a service device in the distributed computing environment 
prior to the generating a computer programming language object [XML specifications 
are embedded in script files, HTML pages, servlet and Java server pages, there are 
several ways to use XML specifications with HTML in the browser and server side; col. 
12, lines 20 - 49 of Sundaresan], wherein the message includes the data representation 
language representation of the object [XML specifications of Sundaresan]. 

9. As to claim 6, Sundaresan as modified teaches generating a-computer 
programming language object [Java objects 116, Fig. 3; col. 9, lines 5- 16 of 
Sundaresan] from a data representation language representation [XML document 114; 
col. 9, lines 23 - 38 of Sundaresan] of the object [col. 9, lines 7 - 16 of Sundaresan] is 
performed by a virtual machine executing within the client device [Either or both of the 
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Web browser 104 and Web daemon 108 may include a Java Virtual Machine (JVM) 110 
that executes Java objects, applets, scripts; col. 4, lines 30 - 39 of Sundaresan]. 

10. As to claim 7, Sundaresan as modified teaches generating a plurality of computer 
programming language objects from data representation language representations of 
the objects [create the Java Beans objects 116, which are instances 302 of the default 
Java Beans implementation class specifications... 202, or instances 304 of classes 
which are hand-implemented by the application programmer to the interface in the 
reusable Java Beans interface class specification... 200, by reading an XML 
specification 114; col. 9, lines 23 - 39 of Sundaresan]; and 

deleting the plurality of computer programming language objects in response to 
the terminating access [Shutdown function is used to shutdown a particular 
implementation definition by removing all servant objects; col. 13, lines 28 - 51 ; col. 15, 
lines 9 - 25 of Cavanaugh]. 

11. As to claim 8, Sundaresan as modified teaches the data representation language 
is extensible Markup Language (XML) [XML document 114; col. 9, lines 23 -38 of 
Sundaresan]. 

12. As to claim 9, Sundaresan as modified teaches the computer programming 
language is the Java programming language [Java objects 116, Fig. 3; col. 9, lines 5 - 
16; col. 4, lines 30 - 36 of Sundaresan]. 
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13. As to claims 22 and 23, these are apparatus claims that correspond to method 
claims 1 and 2; note the rejections to claims 1 and 2 above, which also meet these 
apparatus claims. 

14. As to claim 27, this is rejected for the same reason as claim 7 above. 

1 5. As to claims 30 and 31 , they are rejected for the same reasons as claims 8 and 9 
above. 

16. As to claims 43 and 44, these are product claims that correspond to method 
claims 1 and 2; note the rejections to claims 1 and 2 above, which also meet this 
product claim. 

1 7. As to claim 45, this is rejected for the same reason as claim 7 above. 

1 8. As to claim 46, this is rejected for the same reasons as claims 8 and 9 above. 

1 9. Claims 3 - 5, 10 - 21, 24 - 26, 28, 29, 32 - 42 and 47 - 53 are rejected under 
35 U.S.C. 103(a) as being unpatentable over Sundaresan and Cavanaugh in view 
of U.S. Patent No. 5,774,551 to Wu [cited in previous office action]. 
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20. As to claim 3, Sundaresan as modified does not teach accessing a client device 
by coupling an identification device to the client and terminating access by decoupling 
the identification device from the client device. 

However, Wu teaches accessing a client device comprises the user coupling an 
identification device to the client device [authentication services 109 may include 
password or encrypted key based mechanisms such as... hardware/firmware based 
mechanisms, such as smart-card; col. 15, lines 54 - 65], wherein the identification 
device provides identification information of the user to the client device [the encrypted 
authentication tokens may be stored in a smart card, or other non-public storage facility; 
col. 10, lines 37 - 65], and wherein the termination the accessing comprises decoupling 
the identification device from the client device [system entry service 107 initiates a 
disconnect process, and handles the necessary physical disconnection and protocols 
for disconnecting from the system 100, Fig. 5; col. 19, line 57 - col. 20, line 9]. 

21 . It would have been obvious to a person of ordinarily skilled in the art at the time 
of the invention to apply the teaching of accessing a client device by coupling an 
identification device to the client and terminating access by decoupling the identification 
device from the client device as taught by Wu to the invention of Sundaresan as 
modified because this allows any system entry service to be used transparently with any 
combination of account, password, session, or authentication services, including 
multiple instances of a given type of account management service and provides 
supports for unified login and logout with multiple authentication services [col. 6, lines 
15-26 ofWu]. 
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22. As to claim 4, Sundaresan as modified teaches the identification device is a 
smart card [the encrypted authentication tokens may be stored in a smart card, or other 
non-public storage facility; col. 10, lines 37 - 65 of Wu]. 

23. As to claim 5, Sundaresan as modified teaches the accessing a client device 
comprises the user logging on to the client device [Unified login is accomplished 
through a authentication token mapping process; col. 3, lines 55 - 67 of Wu] by 
providing user identification to the client device [the encrypted authentication tokens 
may be stored in a smart card, or other non-public storage facility; col. 10, lines 37 - 65 
of Wu], and wherein the terminating the accessing comprises the user logging off the 
client device [user logouts 501 of the system entry service 107, either explicitly by 
invoking a specific method of the system entry service 107, or implicitly by shutting off 
the workstation or terminal the user is working on; col. 19, line 57 - col. 20, line 9 of 
Wu]. 

24. As to claim 10, Sundaresan as modified teaches a method for the secure 
exchange of objects in a distributed computing environment [distributed computer 
system using the Internet 100 to connect client systems 102 executing Web browsers 
104 to server systems 106 executing Web daemons 108; col. 4, lines 16 - 29 of 
Sundaresan], comprising: 

a user accessing a client device [col. 6, lines 20 - 25 of Sundaresan]; 
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the client device receiving a message in a data representation language from a 
service device in the distributed computing environment [col. 12, lines 20 - 49 of 
Sundaresan], wherein the message includes a data representation language 
representation of an object [XML specifications of Sundaresan]; 

if the determining, determines the user has access rights to the computer 
programming language object [If the authentication process is successful by the 
selected authentication services 109, the system entry service 107 is granted access to 
the computer 101 ; col. 19, lines 15-45 of Wu], generating the object [Java objects 116, 
Fig. 3; col. 9, lines 5 - 16 of Sundaresan] from the data representation language 
representation [XML document 114; col. 9, lines 23 - 38 of Sundaresan] of the object 
[col. 9, lines 7 - 16 of Sundaresan], wherein the object is an instance of a class in the 
computer programming language [col. 9, lines 23 - 39 of Sundaresan], and wherein the 
object is accessible for use during the accessing the client device [col. 9, lines 23 - 38 
of Sundaresan]; and 

if the determining determines the user does not have access rights 
[authentication failed] to the computer programming language object, not generating the 
object [indicates to the system entry service 107 that authentication failed, and hence 
the user is not authorized to access the computer; col. 10, lines 15 — 36 of Wu]. 

25. As to claim 1 1 , Sundaresan as modified teaches the message further includes 
access information for the computer programming language object [Java class 
specifications 116; col. 9, lines 5 - 16 of Sundaresan], wherein the determining if the 
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user has access rights to the computer programming language object uses the access 
information [authentication service 109 verifies 407 the user, now using the primary 
authentication token, and stores 413 this primary authentication token to the global 
token; col. 19, lines 1 - 15 of Wu]. 

26. As to claim 12, Sundaresan as modified teaches deleting the computer 
programming language object [col. 15, lines 9 - 23 of Cavanaugh] in response to the 
user terminating access to the client device [col. 13, lines 28 - 51 of Cavanaugh], 
wherein the deleted object is not accessible for use by subsequent users of the client 
device [col. 1 5, lines 9 - 25 of Cavanaugh]. 

27. As to claims 13-15, they are rejected for the same reasons as claims 3-5 
above. 

28. As to claim 16, Sundaresan as modified teaches the user terminating the 
accessing the client device [unified logout process; col. 19, line 57 - col. 20, line 8 of 
Wu] and storing the computer programming language object in response to the 
terminating access [data and/or instructions are embodied in and/or readable from a 
device, carrier or media, such as memory, data storage devices; col. 4, lines 37 - 45 of 
Sundaresan]. 
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29. As to claim 17, Sundaresan as modified teaches the user accessing the client 
device subsequent to the storing the object and accessing the stored object during the 
accessing the client device [col. 9, lines 23 - 38 of Sundaresan]. 

30. As to claim 1 8, Sundaresan as modified teaches storing access rights 
information of the user with the object [the encrypted authentication tokens may be 
stored in a smart card, or other non-public storage facility; col. 10, lines 37 - 65 of Wu], 
wherein the accessing the stored object comprises verifying the access rights of the 
user with the stored access rights information [authentication service 109 verifies 407 
the user, now using the primary authentication token, and stores 413 this primary 
authentication token to the global token; col. 19, lines 1-15 of Wu]. 

31 . As to claims 19-21, they are rejected for the same reasons as claims 6, 8 and 9 
above. 

32. As to claims 24 and 25, these are apparatus claims that correspond to method 
claims 3 and 4; note the rejections to claims 3 and 4 above, which also meet these 
apparatus claims. 

33. As to claim 26, Sundaresan as modified teaches the device is further configured 
to accept user input [col. 6, lines 20 - 25 of Sundaresan] to initiate the terminating the 
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user access [unified logout process ensures that the user's authentication token and 
credentials are removed; col. 19, line 57 - col. 20, line 8 of Wu]. 

34. As to claim 28, Sundaresan as modified teaches a processor [clients 1 02 that are 
personal computers or workstations, and servers 106 that are personal computers, 
workstations, minicomputers, or mainframes; col. 4, lines 16 - 29 of Sundaresan], a 
memory [col. 4, lines 37 - 45 of Sundaresan], and a virtual machine executed by the 
processor from the memory, wherein the generating is performed by the virtual machine 
[col. 4, lines 30 - 39 of Sundaresan]. 

35. As to claim 29, Sundaresan as modified teaches the accepting, the terminating, 
and the deleting are performed by the virtual machine [col. 4, lines 30 - 39 of 
Sundaresan], wherein the object is stored in the memory subsequent to the generating 
[col. 9, lines 7 - 16 of Sundaresan], and wherein, in the deleting, the object is deleted 
from the memory [token and credentials are removed from any publicly accessible 
resource; col. 19, line 57 - col. 20, line 8 of Wu]. 

36. As to claims 32 - 36, these are system claims that correspond to method claims 
10-14; note the rejections to claims 10-14 above, which also meet these system 
claims. 
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37. As to claim 37, Sundaresan as modified teaches a memory [col. 4, lines 37 - 45 
of Sundaresan], accept user input to terminate the access of the client device [col. 6, 
lines 20 - 25 of Sundaresan], and store the computer programming language object to 
the memory in response to the terminating access [col. 4, lines 37 - 45 of Sundaresan]. 

38. As to claims 38 - 40, they are rejected for the same reasons as claims 17,18 
and 28 above. 

39. As to claims 41 and 42, they are rejected for the same reasons as claims 8 and 9 
above. 

40. As to claims 47 - 50, these are product claims that correspond to method claims 
10-13; note the rejections to claims 10 - 13 above, which also meet these product 
claims. 

41 . As to claims 51 and 52, these are rejected for the same reasons as claims 1 6 - 
18 above. 

42. As to claim 53, this is rejected for the same reasons as claims 8 and 9 above. 

Conclusion 

43. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 
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U.S. Patent No. 6,412,070 to Van Dyke et al. teaches extensible security system 
and method for controlling access to objects in a computing environment. 

"Managing Security Policies in a Distributed Environment Using extensible 
Markup Language (XML)" teaches Java and Role-Based Access Control (RBAC) 
policies. 

44. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Li B. Zhen whose telephone number is (571 ) 272-3768. 
The examiner can normally be reached on Mon - Fri, 8:30am - 5pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Meng-Ai An can be reached on (571) 272-3756. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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